Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com>
List-Archive:	<http://sourceware.cygnus.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sourceware DOT cygnus DOT com>
List-Help:	<mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs>
Sender:	cygwin-owner AT sourceware DOT cygnus DOT com
Delivered-To:	mailing list cygwin AT sourceware DOT cygnus DOT com
Message-ID:	<39303F67.D6C4E256@vinschen.de>
Date:	Sat, 27 May 2000 23:34:31 +0200
From:	Corinna Vinschen <corinna AT vinschen DOT de>
Reply-To:	cygwin <cygwin AT sourceware DOT cygnus DOT com>
X-Mailer:	Mozilla 4.7 [en] (X11; I; Linux 2.2.14 i686)
X-Accept-Language:	de, en
MIME-Version:	1.0
To:	Prentis Brooks <prentis AT aol DOT net>
CC:	Cygwin <cygwin AT sourceware DOT cygnus DOT com>
Subject:	[ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]
References:	<NEBBLEPLMLJEEFHAGMDMMECJCAAA DOT prentis AT aol DOT net>

Prentis Brooks wrote:
> You have RSA Authentication enabled and running as user foo on port 22.  You
> have another Daemon running SSH with password authentication on port 26.  If
> user bar sets up RSA keys in his/her home directory and then connects to
> port 22, it will authenticate him/her via the keys in bar's home directory
> and then promptly drop them to the shell as foo... this is bad.

Should be solved in my new version. You will find it in

ftp://ftp.franken.de/pub/win32/develop/gnuwin32/cygwin/porters/Vinschen_Corinna/V1.1.1

files

	openssh-1.2.2-2.README
	openssh-1.2.2-2.tar.gz
	openssh-1.2.2-2.diff


Have fun,
Corinna

-- 
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com

- Raw text -